Dec18
2010 Prognostications posted by Rick Howard
Filed in: 2010 Cyber Security Predictions
It's prediction time. You all know it is that time of year. All the blogs, news sites and crackpot prognosticators are making their end-of-year guesses about what is going to happen in 2010. I don't want to be left out of that august group. The boys and girls here at iDefense have some thoughts about that very subject and if we are anything, we are opinionated.We will deliver our own annual iDefense trends paper to customers this afternoon. This is the tome that takes a look back at 2009 in an effort to contextualize those key significant issues that impacted the enterprise, identify potential new issues that we all need to keep an eye on in 2010 and characterize new ideas and technologies that may not affect us this year, but will within the next five to ten years. We call these longer range ideas the iDefense Security Disruptors. I wrote about security disruptors last week.
The general public will not get to see the paper for a few weeks. We have to give our customers first crack at the intelligence. We will be doing a public webinar on the subject on Jan. 28, 2010 at 2 p.m. EST/11 a.m. PST. You can register here if you are interested in attending.
It does not mean that I can't give you a sneak peak though about what is in the paper.
Two major themes emerged this year. First, we have a steady evolution of malicious tools of the trade that we affectionately refer to as "bad guy tactics." There is nothing mind blowing here per se, but we are seeing a consistent advancement in the efficiency and deviousness of these tools. The second theme is broader in scope and deals with thought leadership and dollars for security spending. We have noticed a shift in the center of gravity away from typical network defenders and commercial security companies toward government policy makers around the world. Going into 2010, the cyber security landscape is poised for a widespread transformation. Governments have declared and positioned themselves as the primary participants on both the offensive and defensive sides. It will likely take several years before the implications of this transition are fully realized and before the public appreciates the full scale of government involvement; but, security historians will mark 2009 as the year that the transition began.
Enough stalling, what about those predictions I was bragging about? In last year's paper, we made 19 predictions. We got 14 right, one wrong and four that will probably push into 2010. For this year's paper, we are making 18 predictions for 2010. Here are some of the notable ones:
1. There will be more Windows 7 vulnerabilities in 2010 than all of the Windows Vista vulnerabilities discovered in the three years since its release.
2. Malware spreading over social networking sites will rapidly increase relative to other malware-distribution mechanisms.
3. The US government will likely spend much of 2010 trying to implement the priorities that it set in 2009, but will have mixed success, some failures and increasing incoherence.
4. Russian attackers will increase the complexity of their attacks against financial institutions, especially by combining attack types, such as DDoS attacks, to distract or blind security personnel while they execute large fraudulent transactions.
5. Chinese information operations against strategic rivals or rich sources of intellectual property are likely to increase, though more intensely against India than other nations.
6. Brazilian cyber criminals will start focusing more attention on increasing the technical effectiveness of malware-distribution methods.
In other words, in the short term (2010), we will see more of the same in terms of vulnerabilities and malicious code; a uniform advancement in pernicious tactics. In the long run (2010-15), we will all be reacting to worldwide governments as they throw their big budgets around and begin to set international policy for cyber space.
